Hi, according to JBWS-723 it is possible to protect access to the WSDL requests of Web-Services. Looking at it in more detail it appears that access does require only any valid login, but is not restricted to specific security roles.
Is it possible to restrict the access to WSDLôs of Web-Services in a role based manner per Web-Service? Use case: We have a full web-service API for internal use. For Clients we want to make one or two of these services available without publishing the full API structure (services, data structures,...) related to internal web-services. So the idea is that access to internal web-services and their WSDL requires a security roles which are not granted to clients. Kind Regards Bertl View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4106292#4106292 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4106292 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user